Hi! On Tue, 2019-10-15 at 14:37 +0100, Mark Thomas wrote: > Generally, no. You've done it in what I'd consider to be the "safer" way > by exposing all the JARs visible to the client to the application's > class loader rather than the other way around. ....
Ok, good to hear, we will try this and see how things work out. I am happy to hear that you reflected about security and as far as I know we do not have any upload into the web app (and I ought to know if we do :-). Security was one of the main reason for my questions. > another option would be to use a ServletContextListener to copy the > files... Sure, but just pointing out another directory is a lot easier. Thanks a lot. /robo --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
